Archana Turaga <Archana.Turaga <at> intervoice.com> writes: > I already have a custom logout action. Do you mean I can somehow invoke > a invalidate on the session that belongs to the struts webapp from > within the Jetspeed logout action. The struts webapp that I have does > not have any logout action in it. Could you please give some more > pointers or elaborate on what you mentioned here? >
The solution here is to enable tomcat's SSO functionality. With SSO enabled, there is an SSO session (with its own cookie) that spans all applications in the same container and it holds references to the sessions for a particular user in each app. When a session times out, then the SSO session stays intact so long as there is at least one other valid application session. However, when you call session.invalidate on an application session, then the SSO session invalidates all other application sessions and destroys itself. If you need to implement additional logic when an application session times out or is invalidated, implement the HttpSessionListener interface and register it in your application (within your web.xml). HTH, aaron --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
